You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.

Creating special devices to solve problems

With tax season coming up I have been asked to set up a certain centralized tax service for a company. I won't mention the company nor the well known tax program involved as this post isn't about flaming a product but just to show you how cool commands in Linux can be used to solve, what would originally seem like, complicated problems.

Here's the scenario. The software runs on JBoss (a java app server) and it has log output. During client testing with fake social security numbers I noticed that they were getting output into the log. For security purposes this is unacceptable. After thinking for a while the solution I came up with was this... I want to output the log into /dev/null. But how? How indeed, and here's what I did.

I remember that the mknod command is used for special devices so I looked at the man documentation.

The first character in the permissions is the filetype. Normally you see d for directory, - for file, or l for a symbolic link as an example. Here specifically it is a character special file.

Also notice the "1, 3" in the file listing. Those are the device special major and minor numbers. I'm not sure where there's a list of all of the different types of numbers but if you know please post in the comments. Here though we basically know how we want the file to behave and had a file we could analyze to get the major and minor numbers so that mknod knows what kind of special device we're creating.

So now I just go to where the log file is outputting and create a null special device in the file name where the log name would normally be. Let's say, hypothetically, that our offending log output file is located at /opt/jboss/log/program.log. Here's the commands to create the special device and match it be the same type as /dev/null.

My jboss instance runs under user jboss but my program.log special device is owned by root with permissions 666. That's because I don't want jboss or the app to be able to rename or move the special device.

Now when log output is written to the log file it will simply be going into a null-like file which isn't recorded. Of course if you ever need to troubleshoot you'll have to remove this special file so that it can write to a log file again for output. But for normal usage of the app I'd say this is a pretty good solution to a closed source proprietary program which was simple for the problem at hand.